Shared front-end Web site and back-end Mainframe environment
Results 1 to 4 of 4

Thread: Shared front-end Web site and back-end Mainframe environment

  1. #1
    Junior Member
    Join Date
    May 2004
    Posts
    2

    Shared front-end Web site and back-end Mainframe environment

    If a service provider wants to do this for their clients by utilyzing anonymous FTP, what are the exposures/risks with sharing both the front-end Web site and the back-end Mainframe environment.

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    I'm afraid you didnt post enough info to draw a proper conclusion.
    Can you please re-post with more detail? The original is very vague.

  3. #3
    I don't think you want to allow anonymous ftp to a site with backend scripting, if that's what you mean. Any flaws in server side code can be viewed and exploited, I think that is what you are asking...?

  4. #4
    Junior Member
    Join Date
    May 2004
    Posts
    2
    Hello Soda,
    I am a newbie and am applying for a security analyst position where I currently work. I had an interview/discovery session on Friday and I was given a mock business case with the opportunity to address security concerns. I wasn't sure if this was an exposure but it was suggested I go to AO and see if anyone had any comments/thoughts on the issue.

    It just didn't sound right that if we (the Bank) uses anonymous FTP to transmit data to the vendor and from the vendor back to us and if the front-end web server (of the vendor) and the back-end mainframe environment (of the vendor) was shared it just didn't sound right....

    Especially when this occurs for the vendor's multiple clients, etc.

    Thank you.
    carpenp

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides